Vulnerabilities > Jeesns
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-19 | CVE-2022-38550 | Cross-site Scripting vulnerability in Jeesns 2.0.0 A stored cross-site scripting (XSS) vulnerability in the /weibo/list component of Jeesns v2.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 5.4 |
| 2021-09-09 | CVE-2020-19280 | Cross-Site Request Forgery (CSRF) vulnerability in Jeesns 1.4.2 Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows attackers to escalate privileges and perform sensitive program operations. | 8.8 |
| 2021-09-09 | CVE-2020-19281 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username field. | 5.4 |
| 2021-09-09 | CVE-2020-19282 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field. | 6.1 |
| 2021-09-09 | CVE-2020-19283 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML. | 6.1 |
| 2021-09-09 | CVE-2020-19284 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field. | 5.4 |
| 2021-09-09 | CVE-2020-19285 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field. | 5.4 |
| 2021-09-09 | CVE-2020-19286 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /question/detail component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the source field of the editor. | 5.4 |
| 2021-09-09 | CVE-2020-19287 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /group/post component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title. | 5.4 |
| 2021-09-09 | CVE-2020-19288 | Cross-site Scripting vulnerability in Jeesns 1.4.2 A stored cross-site scripting (XSS) vulnerability in the /localhost/u component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a private message. | 5.4 |